I am configuring a VPN for a remote office to connect to the home office. The ISP assigns a 192.168.1.X internal address and that is the same as the remote network. The VPN will come up, but the computer can't access any resources on the network. I tend to think I am missing something easy.
Here are the addresses:
Local internal: 192.168.1.47
Nat'd address from router: 172.16.0.28
Remote internal: 192.168.1.X
On the remote network, there is an AS400 that needs to be accessed as well as an Exchange Server.
It doesn't work because of the subnets overlapping.
E.g. when the remote PC sends a request to the email server, it looks up the destination IP. Since the destination IP is in the same subnet as the LAN, the remote PC will send an ARP request attempting to resolve the MAC address. In other words, the remote PC will not send the request to the router, and hence it will not be encrypted and sent to the email server via the VPN tunnel.
To resolve the issue, I believe you need to change the subnet range.
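
The forwarding decision described in the answer above, as an added example that is not part of the original posts: it checks a local and a remote subnet list for overlap and shows where a host would send a packet before and after renumbering. The /24 masks, the server address 192.168.1.10 and the replacement subnet 192.168.50.0/24 are constructed for illustration.

```python
import ipaddress


def find_overlaps(local_nets, remote_nets):
    """Return (local, remote) subnet pairs that share at least one address."""
    pairs = []
    for local in map(ipaddress.ip_network, local_nets):
        for remote in map(ipaddress.ip_network, remote_nets):
            if local.overlaps(remote):
                pairs.append((str(local), str(remote)))
    return pairs


def forwarding_decision(dst, local_nets, remote_nets):
    """Model the host behaviour from the answer: a destination inside a
    directly connected subnet is resolved with ARP on the LAN and never
    reaches the router, so it is never placed in the VPN tunnel."""
    addr = ipaddress.ip_address(dst)
    if any(addr in ipaddress.ip_network(n) for n in local_nets):
        return "arp-on-lan"
    if any(addr in ipaddress.ip_network(n) for n in remote_nets):
        return "vpn-tunnel"
    return "default-gateway"


# Constructed sample values (assumptions, see lead-in).
REMOTE = ["192.168.1.0/24"]         # network holding the AS400 and Exchange
LOCAL_BEFORE = ["192.168.1.0/24"]   # addressing handed out by the ISP router
LOCAL_AFTER = ["192.168.50.0/24"]   # hypothetical renumbered local LAN
MAIL_SERVER = "192.168.1.10"        # hypothetical Exchange address

if __name__ == "__main__":
    for label, local in (("before", LOCAL_BEFORE), ("after", LOCAL_AFTER)):
        print(label,
              "overlaps:", find_overlaps(local, REMOTE),
              "->", forwarding_decision(MAIL_SERVER, local, REMOTE))
```

`find_overlaps` also catches partial overlaps, such as a local 192.168.0.0/23 against the remote /24, which are easy to miss by eye.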